[prev in list] [next in list] [prev in thread] [next in thread] 

List:       forensics
Subject:    Re: e-discovery
From:       Michael Katz <mike () procinct ! com>
Date:       2003-04-08 23:35:59
[Download RAW message or body]

At 4/8/2003 06:16 AM, Darren Welch wrote:

>I am auditing a client's legal department's e-discovery policies and 
>procedures and looking at process improvement. I was hoping someone knows 
>of or has already architected a solution for the following;
>
>Assuming a case of civil litigation where company "x" is the defendant and 
>is required by court order to present all information related to topic 
>"y"; is there a utility that will scan every node on a network (single 
>subnets on up to 60,000 nodes), searching each node's directory structure 
>and file list for keywords which relate to topic "y"?  Then identifying 
>the path to such a find? I would like to be able to search nodes such as 
>user hard drives, network shared drives, files servers, db's (oracle, sql, 
>etc), and webservers, etc., on W2K, WNT, Linux, Unix, Solaris, Novell...
>
>I am interested in locating normal files and am not interested in 
>recovering deleted files or files in UA space. I would like the output to 
>display "Keyword Hit", "IP Address", "Machine Name", "Logged on user", 
>"Filename containg keyword hit", "Path to File".
>
>I know this is an extensive wish list but maybe someone knows of a 
>solution? Thanks, D

Don't know if it has everything you're looking for, but Cataphora's 
C-Evidence™ Service (www.cataphora.com) is certainly trying to accomplish 
most, if not all, of your wishlist.


Michael Katz
mike@procinct.com
Procinct Security 


-----------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com


[prev in list] [next in list] [prev in thread] [next in thread]